Follow us on...
Follow us on G+ Follow us on Twitter Follow us on Facebook Watch us on YouTube
Register
Results 1 to 6 of 6
  1. #1
    Status
    Offline
    numpangnimbrung's Avatar
    Baru Gabung
    Join Date
    Oct 2009
    Posts
    14
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0

    PC Client Hanya Bisa Browsing Beberapa Alamat Web Saja

    Salam hangat bwt para master sekalian....
    mohon petunjuk bagaimana cara bwt supaya client tertentu hanya bisa browsing ke 1 atau 2 alamat web saja jadi selain alamat web itu di blok. saya uda coba nerapin settingan sepeti di bawah ini tapi jika malah kagak konek sama sekali jika line no 3 di enable.

    1 ;;; Allow Situs
    chain=forward action=accept protocol=tcp src-address=192.168.1.10
    dst-port=80 content=pajak

    2 chain=forward action=accept protocol=tcp src-address=192.168.1.10
    dst-port=80 content=klikbca

    3 ;;; Block situs selain situs di atas
    chain=forward action=drop protocol=tcp src-address=192.168.1.10


    terima kasih sebelumnya

  2. #2
    Status
    Offline
    zdienos's Avatar
    Forum Guru
    Join Date
    Feb 2010
    Location
    ~/makasar
    Posts
    1,252
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by numpangnimbrung Click here to enlarge
    3 ;;; Block situs selain situs di atas
    chain=forward action=drop protocol=tcp src-address=192.168.1.10
    iyalah..., di situ drop semua...., mana pengecualiannya ??

    kenapa gak coba pake internal webproxy aja (external lebih bagus lagi)...
    semua dideny, kecuali web tertentu saja yang diallow

    CMIIW

    mungkin yang dibawah bisa ngasih contoh....
    ataw, jangan2 ini sudah pernah dibahas ???

  3. #3
    Status
    Offline
    numpangnimbrung's Avatar
    Baru Gabung
    Join Date
    Oct 2009
    Posts
    14
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    ya maksudnya yang line 3 tu gan yang bwt pengecualiannya. e rupanya itu malah drop port 80 ya.

  4. #4
    Status
    Offline
    masjito's Avatar
    Member
    Join Date
    Feb 2008
    Posts
    157
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    coba satu rule ada gan

    Code:
    /ip firewall filter add chain=forward protocol=tcp in-interface=ether-lokal dst-port=80 src-address-list=user-tertentu dst-address-list=!ip-web-yang-bolehin action=drop
    address-list user-tertentu = isi dengan ip usernya
    address-list ip-web-yang-dibolehin = isi dengan ip address web nya.

    kalau tidak tau ip address web nya bisa liat di cmd windows dengan command nslookup misalnya detik yah nslookup detik.com

  5. The Following User Says Thank You to masjito For This Useful Post:


  6. #5
    Status
    Offline
    numpangnimbrung's Avatar
    Baru Gabung
    Join Date
    Oct 2009
    Posts
    14
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Thanks bwt zdienos & masjito.......settingan berhasil digunakan.... Click here to enlarge

  7. #6
    Status
    Offline
    y4nk33's Avatar
    Baru Gabung
    Join Date
    Mar 2010
    Posts
    13
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by masjito Click here to enlarge
    coba satu rule ada gan

    Code:
    /ip firewall filter add chain=forward protocol=tcp in-interface=ether-lokal dst-port=80 src-address-list=user-tertentu dst-address-list=!ip-web-yang-bolehin action=drop
    address-list user-tertentu = isi dengan ip usernya
    address-list ip-web-yang-dibolehin = isi dengan ip address web nya.

    kalau tidak tau ip address web nya bisa liat di cmd windows dengan command nslookup misalnya detik yah nslookup detik.com
    Om Masjito, kalau diset seperti ini berarti jika web tersebut berganti IP, maka rule-nya tidak berlaku ya? saya juga dapat permintaan serupa dari kantor, tetapi maunya di set berdasarkan keyword.

    Terima kasih.

 

 

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 6
    Last Post: 03-09-2012, 20:15
  2. Setting hanya bisa email only saja
    By Satya in forum Scripting @ Mikrotik
    Replies: 4
    Last Post: 01-03-2012, 13:48
  3. [ASK] Knp beberapa client gk bisa browsing
    By q-tink in forum Beginner Basics
    Replies: 4
    Last Post: 28-01-2010, 23:22
  4. tolong.. ga bisa browsing ke beberapa situs
    By csman in forum Beginner Basics
    Replies: 7
    Last Post: 02-07-2008, 21:04
  5. membuat hanya beberapa user aj yang bisa konek ke internet
    By ahmad.rifani in forum General Networking
    Replies: 11
    Last Post: 14-06-2008, 00:53

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •